package org.third.integration.auth.jaas.hello;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.mock.web.MockHttpServletRequest;

import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import javax.servlet.http.HttpServletRequest;

import java.net.URL;

/**
 * <pre>
 * java -Djava.security.auth.login.config=login.conf
 * 
  Example {
    com.ibm.resource.security.auth.LoginModuleExample required 
      debug=true userFile="users.xml" groupFile="groups.xml";
  };
 * 
 * 
 * java -Djava.security.auth.policy=policy.jaas
     // Example grant entry
    grant codeBase "file:/C:/sample.jar", signedby "XYZ",
      principal com.ibm.resource.security.auth.PrincipalExample "admin" {
        // Allow socket actions to any host using port 8080
        permission java.net.SocketPermission 
          "*:8080", "accept, connect, listen, resolve";
        // Allows file access (read, write, execute, delete) in
        // the user's home directory.
        Permission java.io.FilePermission 
          "${user.home}/-", "read, write, execute, delete";
    };
 * </pre>
 * 
 * @author gongyo
 *
 */
public class HelloLoginManager {
    static final Logger logger = LoggerFactory.getLogger(HelloLoginManager.class);

    public static boolean login(HttpServletRequest request) {

        try {
            for (int i = 0; i < 10; ++i) {
                HelloJaasClassLoader helloClassLoader = new HelloJaasClassLoader(new URL[] { new URL(
//                         "file:/C:/Users/gongyo/workspace/idm/idm_server_view3/idm-service/idm-service/target/idm-service-war/WEB-INF/classes"
                        "file:/C:/IDM/help/server/resources/security/idm-jaas.jar"
//                        "file:/C:/Users/gongyo/workspace/test/target/classes"
                        ) });
                
                Thread.currentThread().setContextClassLoader(helloClassLoader);
                String username = request.getParameter("username");
                String password = request.getParameter("password");
                // 此处指定了使用配置文件的“HelloJaas1”验证模块，对应的实现类为SampleLoginModule
                javax.security.auth.login.LoginContext lc = new LoginContext("HelloJaas1", new HelloCallbackHandler(request));
                lc.login();// 如果验证失败会抛出异常
                logger.info(lc.getSubject().toString());
                lc.logout();
            }
            return true;
        } catch (LoginException e) {
            e.printStackTrace();
            return false;
        } catch (SecurityException e) {
            e.printStackTrace();
            return false;
        } catch (Exception e) {
            e.printStackTrace();
            return false;
        }
    }

    public static void main(String[] args) {
        // -Djava.security.auth.login.config=C:\IDM\help\server\main\org\third\auth\jaas\hello\Hello_Jaas.conf
        System.setProperty("java.security.auth.login.config",
                "C:\\IDM\\help\\server\\main\\org\\third\\auth\\jaas\\hello\\Hello_Jaas.conf");
        MockHttpServletRequest request = new MockHttpServletRequest();
        // request.setParameter("username", "cn=Manager,dc=my-domain,dc=com");
        request.setParameter("username", "test5");
        request.setParameter("password", "test5");

        new HelloLoginManager().login(request);
    }
}
